*Even if it means eventually putting yourself out of a job.
6. Plug The Leaks
Scanning the acquired company's network also gives you the first piece of the security puzzle. Your security team must be queued up to audit the seller's systems for all regulatory and other mandates you're governed by--but give this team an extra assignment first. That is, prevent word about the deal from slipping out.
Justin Bieber's phone number isn't the only thing to be leaked on Facebook. Ever-present access to technology makes it exceptionally easy to shoot an e-mail, text, or tweet about corporate activities. We did a quick tweet check of the phrase "company being sold." We had to weed through a lot of ramblings, but eventually a tweet stating "just found out my company is being sold" caught our eye. We followed the snappy user name to the tweeter's blog, figured out the blogger's real name, checked where he worked on LinkedIn, and bingo. Guess what? The deal hasn't been publicly announced--and it involves a publicly traded company. Whoops.
If this is how the rank and file get wind of an acquisition, you can expect to hear the electronic zipping of files, contact records, source code, and anything else those anticipating being "made redundant" want to take with them to their next gigs. If you haven't invested in data loss prevention, this may be an opportune time.